10 Employee Behaviors That Increase Enterprise Cybersecurity Risk: A Closer Look

Modern enterprises face a persistent challenge: human behavior often introduces cybersecurity vulnerabilities. According to Gartner’s 2022 Drivers of Secure Behavior Survey, 93% of employees admitted to actions that potentially increase organizational risk. Keepnet research found that 70% of organizations have been victims of fake phone calls (vishing), with vishing attacks costing an average of $14 million per year per organization.

Despite security awareness programs, gaps remain between knowledge and behavior, highlighting the urgent need for targeted interventions. Explore the 2024 Voice Phishing Response Report.

The Data Behind Risky Employee Behaviors

The research surveyed 1,310 employees globally across industries and functions, uncovering key insights about insecure practices:

• Traditional, curriculum-based training does not suffice. Awareness doesn’t always translate into secure actions.
• Certain employee segments are more prone to high-risk behaviors, necessitating tailored approaches for risk mitigation.

Top Employee Behaviors That Increase Cybersecurity Risk

The study identified ten prevalent risky actions employees take, emphasizing the critical role of addressing these behaviors to fortify an organization's cybersecurity defenses. Understanding and mitigating these actions can significantly reduce cybersecurity incidents resulting from employee activities.

1. Opening Unknown Attachments: 65% of employees open emails, links, or attachments from unknown sources, significantly increasing the risk of malware and phishing.
2. Sharing Sensitive Work Information: 58% send sensitive work data without verifying sender legitimacy.
3. Sharing Passwords: 52% share work passwords with unauthorized users, weakening access control systems.
4. Saving Data on Personal Devices: 59% store work data on personal devices, reducing control over sensitive data.
5. Transferring Information Between Accounts: 54% transfer sensitive data between personal and work accounts, exposing it to unauthorized access.
6. Using Non-Work Websites for Sensitive Data: 54% input sensitive information into unapproved websites or applications.
7. Connecting Unapproved Media: 55% connect USB drives or removable media to work devices without IT approval.
8. Bypassing Cybersecurity Controls: 54% bypass cybersecurity protocols instead of seeking formal exception requests.
9. Using Unapproved Applications: 52% download applications without IT approval, exposing devices to vulnerabilities.

Building a Security Behavior and Culture Program

To address these challenges, CISOs must foster a security-first culture. Gartner recommends:

• Segmenting Risky Groups: Identify and target employee segments prone to risky behaviors.
• Leveraging Behavioral Insights: Go beyond awareness and focus on behavioral drivers.
• Implementing Adaptive Learning Programs: Use tools like personalized learning paths to encourage secure actions.
• Promoting Cyber Judgment: Teach employees decision-making frameworks to assess risk dynamically.

How Keepnet Helps Enterprises Build a Security Behavior and Culture Program

Keepnet provides comprehensive tools and solutions to help enterprises address risky human behaviors and build a robust Security Behavior and Culture Program. Here’s how Keepnet can support your organization:

1. Phishing Simulation and Security Awareness Training: Keepnet’s platform offers realistic phishing simulations, including MFA, QR, SMS, Voice, Callback, and Reply-to phishing methods, to educate employees and reduce susceptibility to social engineering attacks. Additionally, it provides hyper-personalized, role-based training and nudging techniques to reinforce positive behaviors and address risky employee activities effectively.
2. Behavior-Driven Security Metrics: By leveraging behavior-based analytics, Keepnet helps organizations measure and track employee risk levels, ensuring targeted interventions are data-driven.
3. Customizable Learning Paths: Keepnet uses advanced AI to create adaptive learning paths tailored to individual employee needs, reinforcing positive security behaviors effectively.
4. Incident Response and Reporting: Keepnet’s incident reporting tools empower organizations to promptly detect and respond to risky behaviors while minimizing damages. By simplifying phishing reporting, the platform fosters positive employee behavior, enabling phishing incidents to be analyzed 187x faster and responses to be executed 47x faster, creating a more proactive cybersecurity approach.
5. Executive Insights and Reporting: Keepnet’s platform provides actionable executive reports to showcase progress, identify gaps, and align cybersecurity strategies with business objectives. These reports are underpinned by outcome-driven metrics, enabling organizations to quantify the impact of their cybersecurity initiatives and make data-backed decisions.